Document requirements for calling mmcheck to install corruption checking
hooks and set up to enforce the requirements. However, we still allow unconditional installation until some complications are resolved.
This commit is contained in:
parent
3624c87592
commit
01fb5bca1c
3 changed files with 412 additions and 0 deletions
|
@ -1,5 +1,13 @@
|
|||
Thu Mar 26 17:06:04 1992 Fred Fish (fnf@cygnus.com)
|
||||
|
||||
* attach.c (reuse): Explicitly discard return value of mmcheck.
|
||||
* mmcheck.c (mmcheck): Document requirements for installing
|
||||
corruption checking hooks and set up to enforce restrictions.
|
||||
|
||||
Tue Mar 24 23:41:10 1992 K. Richard Pixley (rich@cygnus.com)
|
||||
|
||||
* config/mh-irix4: new file.
|
||||
|
||||
* Makefile.in: added standard targets, fixed install directories.
|
||||
|
||||
Sat Mar 14 17:34:59 1992 Fred Fish (fnf@cygnus.com)
|
||||
|
|
208
mmalloc/attach.c
Normal file
208
mmalloc/attach.c
Normal file
|
@ -0,0 +1,208 @@
|
|||
/* Initialization for access to a mmap'd malloc managed region.
|
||||
Copyright 1992 Free Software Foundation, Inc.
|
||||
|
||||
Contributed by Fred Fish at Cygnus Support. fnf@cygnus.com
|
||||
|
||||
This program is free software; you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation; either version 2 of the License, or
|
||||
(at your option) any later version.
|
||||
|
||||
This program is distributed in the hope that it will be useful,
|
||||
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
GNU General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with this program; if not, write to the Free Software
|
||||
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. */
|
||||
|
||||
|
||||
#include <fcntl.h>
|
||||
#include <sys/types.h>
|
||||
#include <sys/stat.h>
|
||||
#include "mmalloc.h"
|
||||
|
||||
#ifndef SEEK_SET
|
||||
#define SEEK_SET 0
|
||||
#endif
|
||||
|
||||
/* Forward declarations/prototypes for local functions */
|
||||
|
||||
static struct mdesc *reuse PARAMS ((int));
|
||||
|
||||
/* Initialize access to a mmalloc managed region.
|
||||
|
||||
If FD is a valid file descriptor for an open file then data for the
|
||||
mmalloc managed region is mapped to that file, otherwise "/dev/zero"
|
||||
is used and the data will not exist in any filesystem object.
|
||||
|
||||
If the open file corresponding to FD is from a previous use of
|
||||
mmalloc and passes some basic sanity checks to ensure that it is
|
||||
compatible with the current mmalloc package, then it's data is
|
||||
mapped in and is immediately accessible at the same addresses in
|
||||
the current process as the process that created the file.
|
||||
|
||||
If BASEADDR is not NULL, the mapping is established starting at the
|
||||
specified address in the process address space. If BASEADDR is NULL,
|
||||
the mmalloc package chooses a suitable address at which to start the
|
||||
mapped region, which will be the value of the previous mapping if
|
||||
opening an existing file which was previously built by mmalloc, or
|
||||
for new files will be a value chosen by mmap.
|
||||
|
||||
Specifying BASEADDR provides more control over where the regions
|
||||
start and how big they can be before bumping into existing mapped
|
||||
regions or future mapped regions.
|
||||
|
||||
On success, returns a "malloc descriptor" which is used in subsequent
|
||||
calls to other mmalloc package functions. It is explicitly "void *"
|
||||
("char *" for systems that don't fully support void) so that users
|
||||
of the package don't have to worry about the actual implementation
|
||||
details.
|
||||
|
||||
On failure returns NULL. */
|
||||
|
||||
|
||||
#if defined(HAVE_MMAP)
|
||||
|
||||
PTR
|
||||
mmalloc_attach (fd, baseaddr)
|
||||
int fd;
|
||||
PTR baseaddr;
|
||||
{
|
||||
struct mdesc mtemp;
|
||||
struct mdesc *mdp;
|
||||
PTR mbase;
|
||||
struct stat sbuf;
|
||||
|
||||
/* First check to see if FD is a valid file descriptor, and if so, see
|
||||
if the file has any current contents (size > 0). If it does, then
|
||||
attempt to reuse the file. If we can't reuse the file, either
|
||||
because it isn't a valid mmalloc produced file, was produced by an
|
||||
obsolete version, or any other reason, then we fail to attach to
|
||||
this file. */
|
||||
|
||||
if (fd >= 0)
|
||||
{
|
||||
if (fstat (fd, &sbuf) < 0)
|
||||
{
|
||||
return (NULL);
|
||||
}
|
||||
else if (sbuf.st_size > 0)
|
||||
{
|
||||
return ((PTR) reuse (fd));
|
||||
}
|
||||
}
|
||||
|
||||
/* We start off with the malloc descriptor allocated on the stack, until
|
||||
we build it up enough to call _mmalloc_mmap_morecore() to allocate the
|
||||
first page of the region and copy it there. Ensure that it is zero'd and
|
||||
then initialize the fields that we know values for. */
|
||||
|
||||
mdp = &mtemp;
|
||||
memset ((char *) mdp, 0, sizeof (mtemp));
|
||||
strncpy (mdp -> magic, MMALLOC_MAGIC, MMALLOC_MAGIC_SIZE);
|
||||
mdp -> headersize = sizeof (mtemp);
|
||||
mdp -> version = MMALLOC_VERSION;
|
||||
mdp -> morecore = __mmalloc_mmap_morecore;
|
||||
mdp -> fd = fd;
|
||||
mdp -> base = mdp -> breakval = mdp -> top = baseaddr;
|
||||
|
||||
/* If we have not been passed a valid open file descriptor for the file
|
||||
to map to, then open /dev/zero and use that to map to. */
|
||||
|
||||
if (mdp -> fd < 0)
|
||||
{
|
||||
if ((mdp -> fd = open ("/dev/zero", O_RDWR)) < 0)
|
||||
{
|
||||
return (NULL);
|
||||
}
|
||||
else
|
||||
{
|
||||
mdp -> flags |= MMALLOC_DEVZERO;
|
||||
}
|
||||
}
|
||||
|
||||
/* Now try to map in the first page, copy the malloc descriptor structure
|
||||
there, and arrange to return a pointer to this new copy. If the mapping
|
||||
fails, then close the file descriptor if it was opened by us, and arrange
|
||||
to return a NULL. */
|
||||
|
||||
if ((mbase = mdp -> morecore (mdp, sizeof (mtemp))) != NULL)
|
||||
{
|
||||
memcpy (mbase, mdp, sizeof (mtemp));
|
||||
mdp = (struct mdesc *) mbase;
|
||||
}
|
||||
else
|
||||
{
|
||||
if (mdp -> flags & MMALLOC_DEVZERO)
|
||||
{
|
||||
close (mdp -> fd);
|
||||
}
|
||||
mdp = NULL;
|
||||
}
|
||||
|
||||
return ((PTR) mdp);
|
||||
}
|
||||
|
||||
/* Given an valid file descriptor on an open file, test to see if that file
|
||||
is a valid mmalloc produced file, and if so, attempt to remap it into the
|
||||
current process at the same address to which it was previously mapped.
|
||||
|
||||
Note that we have to update the file descriptor number in the malloc-
|
||||
descriptor read from the file to match the current valid one, before
|
||||
trying to map the file in, and again after a successful mapping and
|
||||
after we've switched over to using the mapped in malloc descriptor
|
||||
rather than the temporary one on the stack.
|
||||
|
||||
Also note that if the heap being remapped previously used the mmcheck()
|
||||
routines, we need to update the hooks since their target functions
|
||||
will have certainly moved if the executable has changed in any way.
|
||||
We do this by calling mmcheck() internally.
|
||||
|
||||
Returns a pointer to the malloc descriptor if successful, or NULL if
|
||||
unsuccessful for some reason. */
|
||||
|
||||
static struct mdesc *
|
||||
reuse (fd)
|
||||
int fd;
|
||||
{
|
||||
struct mdesc mtemp;
|
||||
struct mdesc *mdp = NULL;
|
||||
|
||||
if ((lseek (fd, 0L, SEEK_SET) == 0) &&
|
||||
(read (fd, (char *) &mtemp, sizeof (mtemp)) == sizeof (mtemp)) &&
|
||||
(mtemp.headersize == sizeof (mtemp)) &&
|
||||
(strcmp (mtemp.magic, MMALLOC_MAGIC) == 0) &&
|
||||
(mtemp.version <= MMALLOC_VERSION))
|
||||
{
|
||||
mtemp.fd = fd;
|
||||
if (__mmalloc_remap_core (&mtemp) == mtemp.base)
|
||||
{
|
||||
mdp = (struct mdesc *) mtemp.base;
|
||||
mdp -> fd = fd;
|
||||
if (mdp -> mfree_hook != NULL)
|
||||
{
|
||||
(void) mmcheck ((PTR) mdp, (void (*) PARAMS ((void))) NULL);
|
||||
}
|
||||
}
|
||||
}
|
||||
return (mdp);
|
||||
}
|
||||
|
||||
#else /* !defined (HAVE_MMAP) */
|
||||
|
||||
/* For systems without mmap, the library still supplies an entry point
|
||||
to link to, but trying to initialize access to an mmap'd managed region
|
||||
always fails. */
|
||||
|
||||
PTR
|
||||
mmalloc_attach (fd, baseaddr)
|
||||
int fd;
|
||||
PTR baseaddr;
|
||||
{
|
||||
return (NULL);
|
||||
}
|
||||
|
||||
#endif /* defined (HAVE_MMAP) */
|
||||
|
196
mmalloc/mmcheck.c
Normal file
196
mmalloc/mmcheck.c
Normal file
|
@ -0,0 +1,196 @@
|
|||
/* Standard debugging hooks for `mmalloc'.
|
||||
Copyright 1990, 1991, 1992 Free Software Foundation
|
||||
|
||||
Written May 1989 by Mike Haertel.
|
||||
Heavily modified Mar 1992 by Fred Fish (fnf@cygnus.com)
|
||||
|
||||
The GNU C Library is free software; you can redistribute it and/or
|
||||
modify it under the terms of the GNU Library General Public License as
|
||||
published by the Free Software Foundation; either version 2 of the
|
||||
License, or (at your option) any later version.
|
||||
|
||||
The GNU C Library is distributed in the hope that it will be useful,
|
||||
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
||||
Library General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU Library General Public
|
||||
License along with the GNU C Library; see the file COPYING.LIB. If
|
||||
not, write to the Free Software Foundation, Inc., 675 Mass Ave,
|
||||
Cambridge, MA 02139, USA.
|
||||
|
||||
The author may be reached (Email) at the address mike@ai.mit.edu,
|
||||
or (US mail) as Mike Haertel c/o Free Software Foundation. */
|
||||
|
||||
#include "mmalloc.h"
|
||||
|
||||
/* Default function to call when something awful happens. The application
|
||||
can specify an alternate function to be called instead (and probably will
|
||||
want to). */
|
||||
|
||||
extern void abort PARAMS ((void));
|
||||
|
||||
/* Arbitrary magical numbers. */
|
||||
|
||||
#define MAGICWORD 0xfedabeeb /* Magic word for active chunk */
|
||||
#define MAGICWORDFREE 0xdeadbeef /* Magic word for inactive chunk */
|
||||
#define MAGICBYTE ((char) 0xd7)
|
||||
|
||||
/* Each memory allocation is bounded by a header structure and a trailer
|
||||
byte. I.E.
|
||||
|
||||
<size><magicword><user's allocation><magicbyte>
|
||||
|
||||
The pointer returned to the user points to the first byte in the
|
||||
user's allocation area. The magic word can be tested to detect
|
||||
buffer underruns and the magic byte can be tested to detect overruns. */
|
||||
|
||||
struct hdr
|
||||
{
|
||||
size_t size; /* Exact size requested by user. */
|
||||
unsigned long int magic; /* Magic number to check header integrity. */
|
||||
};
|
||||
|
||||
/* Check the magicword and magicbyte, and if either is corrupted then
|
||||
call the emergency abort function specified for the heap in use. */
|
||||
|
||||
static void
|
||||
checkhdr (mdp, hdr)
|
||||
struct mdesc *mdp;
|
||||
CONST struct hdr *hdr;
|
||||
{
|
||||
if (hdr -> magic != MAGICWORD ||
|
||||
((char *) &hdr[1])[hdr -> size] != MAGICBYTE)
|
||||
{
|
||||
(*mdp -> abortfunc)();
|
||||
}
|
||||
}
|
||||
|
||||
static void
|
||||
mfree_check (md, ptr)
|
||||
PTR md;
|
||||
PTR ptr;
|
||||
{
|
||||
struct hdr *hdr = ((struct hdr *) ptr) - 1;
|
||||
struct mdesc *mdp;
|
||||
|
||||
mdp = MD_TO_MDP (md);
|
||||
checkhdr (mdp, hdr);
|
||||
hdr -> magic = MAGICWORDFREE;
|
||||
mdp -> mfree_hook = NULL;
|
||||
mfree (md, hdr);
|
||||
mdp -> mfree_hook = mfree_check;
|
||||
}
|
||||
|
||||
static PTR
|
||||
mmalloc_check (md, size)
|
||||
PTR md;
|
||||
size_t size;
|
||||
{
|
||||
struct hdr *hdr;
|
||||
struct mdesc *mdp;
|
||||
size_t nbytes;
|
||||
|
||||
mdp = MD_TO_MDP (md);
|
||||
mdp -> mmalloc_hook = NULL;
|
||||
nbytes = sizeof (struct hdr) + size + 1;
|
||||
hdr = (struct hdr *) mmalloc (md, nbytes);
|
||||
mdp -> mmalloc_hook = mmalloc_check;
|
||||
if (hdr != NULL)
|
||||
{
|
||||
hdr -> size = size;
|
||||
hdr -> magic = MAGICWORD;
|
||||
hdr++;
|
||||
*((char *) hdr + size) = MAGICBYTE;
|
||||
}
|
||||
return ((PTR) hdr);
|
||||
}
|
||||
|
||||
static PTR
|
||||
mrealloc_check (md, ptr, size)
|
||||
PTR md;
|
||||
PTR ptr;
|
||||
size_t size;
|
||||
{
|
||||
struct hdr *hdr = ((struct hdr *) ptr) - 1;
|
||||
struct mdesc *mdp;
|
||||
size_t nbytes;
|
||||
|
||||
mdp = MD_TO_MDP (md);
|
||||
checkhdr (mdp, hdr);
|
||||
mdp -> mfree_hook = NULL;
|
||||
mdp -> mmalloc_hook = NULL;
|
||||
mdp -> mrealloc_hook = NULL;
|
||||
nbytes = sizeof (struct hdr) + size + 1;
|
||||
hdr = (struct hdr *) mrealloc (md, (PTR) hdr, nbytes);
|
||||
mdp -> mfree_hook = mfree_check;
|
||||
mdp -> mmalloc_hook = mmalloc_check;
|
||||
mdp -> mrealloc_hook = mrealloc_check;
|
||||
if (hdr != NULL)
|
||||
{
|
||||
hdr -> size = size;
|
||||
hdr++;
|
||||
*((char *) hdr + size) = MAGICBYTE;
|
||||
}
|
||||
return ((PTR) hdr);
|
||||
}
|
||||
|
||||
/* Turn on default checking for mmalloc/mrealloc/mfree, for the heap specified
|
||||
by MD. If FUNC is non-NULL, it is a pointer to the function to call
|
||||
to abort whenever memory corruption is detected. By default, this is the
|
||||
standard library function abort().
|
||||
|
||||
Note that we disallow installation of initial checking hooks if mmalloc
|
||||
has been called at any time for this particular heap, since if any region
|
||||
that is allocated prior to installation of the hooks is subsequently
|
||||
reallocated or freed after installation of the hooks, it is guaranteed
|
||||
to trigger a memory corruption error. We do this by checking the state
|
||||
of the MMALLOC_INITIALIZED flag.
|
||||
|
||||
However, we can call this function at any time after the initial call,
|
||||
to update the function pointers to the checking routines and to the
|
||||
user defined corruption handler routine, as long as these function pointers
|
||||
have been previously extablished by the initial call. Note that we
|
||||
do this automatically when remapping an previously used heap, to ensure
|
||||
that the hooks get updated to the correct values, although the corruption
|
||||
handler pointer gets set back to the default. The application can then
|
||||
call mmcheck to use a different corruption handler if desired.
|
||||
|
||||
Returns non-zero if checking is successfully enabled, zero otherwise. */
|
||||
|
||||
int
|
||||
mmcheck (md, func)
|
||||
PTR md;
|
||||
void (*func) PARAMS ((void));
|
||||
{
|
||||
struct mdesc *mdp;
|
||||
int rtnval;
|
||||
|
||||
mdp = MD_TO_MDP (md);
|
||||
|
||||
/* We can safely set or update the abort function at any time, regardless
|
||||
of whether or not we successfully do anything else. */
|
||||
|
||||
mdp -> abortfunc = (func != NULL ? func : abort);
|
||||
|
||||
/* If we haven't yet called mmalloc the first time for this heap, or if we
|
||||
have hooks that were previously installed, then allow the hooks to be
|
||||
initialized or updated. */
|
||||
|
||||
if (1 /* FIXME: Always allow installation for now. */ ||
|
||||
!(mdp -> flags & MMALLOC_INITIALIZED) ||
|
||||
(mdp -> mfree_hook != NULL))
|
||||
{
|
||||
mdp -> mfree_hook = mfree_check;
|
||||
mdp -> mmalloc_hook = mmalloc_check;
|
||||
mdp -> mrealloc_hook = mrealloc_check;
|
||||
mdp -> flags |= MMALLOC_MMCHECK_USED;
|
||||
rtnval = 1;
|
||||
}
|
||||
else
|
||||
{
|
||||
rtnval = 0;
|
||||
}
|
||||
|
||||
return (rtnval);
|
||||
}
|
Loading…
Reference in a new issue